﻿using Model;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Routing;

namespace Web.PublicWeb
{
    public class Backstage_LoginExists : ActionFilterAttribute
    {
        private static readonly string Babyface = "Babyface";
        private static readonly string UserInfo = "UserInfo";

        public string Position { get; set; }//当前页面权限-等待与用户权限做匹配
        public string alertlog { get; set; }

        /// <summary>
        /// 访问权限超出，退出登陆
        /// </summary>
        private void LoginOut(ActionExecutingContext filterContext)
        {
            RouteValueDictionary dictionary = new RouteValueDictionary
               (new
               {
                   controller = "System",
                   action = "Login",
                   returnUrl = filterContext.HttpContext.Request.RawUrl
               });
            filterContext.Result = new RedirectToRouteResult(dictionary);
        }

        //跳转方法
        /// <summary>
        /// 在action执行之前运行
        /// </summary>
        /// <param name="filterContext"></param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            HttpCookie cookieBabyface = HttpContext.Current.Request.Cookies[Babyface];
            if (cookieBabyface == null)//登陆失效了
            {
                LoginOut(filterContext);
            }
            else//如果登陆有效
            {
                string positionCookie = HttpContext.Current.Server.UrlDecode(cookieBabyface.Values["Backstageadmin_position"]);//获得用户权限-等待与页面权限做匹配
                if (positionCookie == "")//如果用户没有任何权限 那么跳出登陆
                {
                    LoginOut(filterContext);
                }
                else//如果用户有权限
                {
                    if (!string.IsNullOrEmpty(Position))//如果页面存在权限
                    {
                        string[] quanxianlist = Position.Split(',');//页面可访问权限列表
                        if (!quanxianlist.Contains(positionCookie))//如果当前登陆用户不包含此页面权限，那么退出登陆
                        {
                            LoginOut(filterContext);
                        }
                        else//合格的用户
                        {

                        }
                    }
                    else//如果页面不存在权限
                    {

                    }
                }

                string jsonUser = cookieBabyface[UserInfo];
                jsonUser = HttpContext.Current.Server.UrlDecode(jsonUser);
                try
                {
                    var user = JsonConvert.DeserializeObject<SysUser>(jsonUser);
                    if (!string.IsNullOrEmpty(Position))//如果页面存在权限
                    {
                        string[] quanxianlist = Position.Split(',');//页面可访问权限列表
                        if (!quanxianlist.Contains(user.TRoleName))//如果当前登陆用户不包含此页面权限，那么退出登陆
                        {
                            LoginOut(filterContext);
                        }
                        else//合格的用户
                        {

                        }
                    }
                    else//如果页面不存在权限
                    {

                    }
                }
                catch
                {
                    LoginOut(filterContext);
                }

                base.OnActionExecuting(filterContext);//暂时没发现用途 明天研究
            }
        }

    }
}